endpoint detection and response (EDR)

GPTKB entity

Statements (50)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | cybersecurity technology |
| gptkbp:alsoKnownAs | endpoint threat detection and response (ETDR) |
| gptkbp:analyzes | endpoint data |
| gptkbp:coinedBy | gptkb:Gartner |
| | 2013 |
| gptkbp:component | cybersecurity strategy |
| gptkbp:detects | gptkb:advanced_persistent_threats_(APTs) |
| | malware |
| | insider threats |
| | zero-day attacks |
| | fileless malware |
| gptkbp:enables | incident response |
| | malware analysis |
| | threat hunting |
| gptkbp:focusesOn | endpoint devices |
| https://www.w3.org/2000/01/rdf-schema#label | endpoint detection and response (EDR) |
| gptkbp:integratesWith | gptkb:security_information_and_event_management_(SIEM) |
| | security orchestration, automation, and response (SOAR) |
| | threat intelligence platforms |
| gptkbp:marketedAs | gptkb:CrowdStrike |
| | gptkb:Sophos_Intercept_X |
| | gptkb:McAfee |
| | gptkb:Trend_Micro |
| | gptkb:SentinelOne |
| | gptkb:Microsoft_Defender_for_Endpoint |
| | gptkb:Cisco_Secure_Endpoint |
| | VMware Carbon Black |
| gptkbp:monitors | user behavior |
| | network connections |
| | registry changes |
| | file activity |
| | process activity |
| gptkbp:notableCollection | endpoint data |
| gptkbp:primaryUse | investigate security incidents |
| | detect suspicious activities |
| | respond to threats |
| gptkbp:provides | forensic analysis |
| | real-time monitoring |
| | automated response |
| gptkbp:relatedTo | gptkb:security |
| | endpoint protection platforms (EPP) |
| | extended detection and response (XDR) |
| gptkbp:requires | cloud-based management console |
| | endpoint agent |
| gptkbp:supports | compliance requirements |
| gptkbp:usedBy | IT security teams |
| | security operations centers (SOCs) |
| gptkbp:bfsParent | gptkb:Zero_Trust_Security |
| | gptkb:Extended_Detection_and_Response_(XDR) |
| gptkbp:bfsLayer | 7 |